[kernel] r9990 - in dists/etch/linux-2.6/debian: . patches/bugfix patches/series

Dann Frazier dannf at alioth.debian.org
Thu Dec 20 06:19:55 UTC 2007 

Author: dannf
Date: Thu Dec 20 06:19:54 2007
New Revision: 9990

Log:
merge in 2.6.18.dfsg.1-13etch5 and 2.6.18.dfsg.1-13etch6

Added:
   dists/etch/linux-2.6/debian/patches/bugfix/cifs-better-failed-mount-errors.patch
      - copied unchanged from r9989, /releases/linux-2.6/2.6.18.dfsg.1-13etch6/debian/patches/bugfix/cifs-better-failed-mount-errors.patch
   dists/etch/linux-2.6/debian/patches/bugfix/cifs-corrupt-server-response-overflow.patch
      - copied unchanged from r9989, /releases/linux-2.6/2.6.18.dfsg.1-13etch6/debian/patches/bugfix/cifs-corrupt-server-response-overflow.patch
   dists/etch/linux-2.6/debian/patches/bugfix/coredump-only-to-same-uid.patch
      - copied unchanged from r9989, /releases/linux-2.6/2.6.18.dfsg.1-13etch6/debian/patches/bugfix/coredump-only-to-same-uid.patch
   dists/etch/linux-2.6/debian/patches/bugfix/hrtimer-large-relative-timeouts-overflow.patch
      - copied unchanged from r9989, /releases/linux-2.6/2.6.18.dfsg.1-13etch6/debian/patches/bugfix/hrtimer-large-relative-timeouts-overflow.patch
   dists/etch/linux-2.6/debian/patches/bugfix/ieee80211-underflow.patch
      - copied unchanged from r9989, /releases/linux-2.6/2.6.18.dfsg.1-13etch6/debian/patches/bugfix/ieee80211-underflow.patch
   dists/etch/linux-2.6/debian/patches/bugfix/isdn-net-overflow.patch
      - copied unchanged from r9989, /releases/linux-2.6/2.6.18.dfsg.1-13etch6/debian/patches/bugfix/isdn-net-overflow.patch
   dists/etch/linux-2.6/debian/patches/bugfix/minixfs-printk-hang.patch
      - copied unchanged from r9989, /releases/linux-2.6/2.6.18.dfsg.1-13etch6/debian/patches/bugfix/minixfs-printk-hang.patch
   dists/etch/linux-2.6/debian/patches/bugfix/sysfs-fix-condition-check.patch
      - copied unchanged from r9989, /releases/linux-2.6/2.6.18.dfsg.1-13etch6/debian/patches/bugfix/sysfs-fix-condition-check.patch
   dists/etch/linux-2.6/debian/patches/bugfix/sysfs_readdir-NULL-deref-1.patch
      - copied unchanged from r9989, /releases/linux-2.6/2.6.18.dfsg.1-13etch6/debian/patches/bugfix/sysfs_readdir-NULL-deref-1.patch
   dists/etch/linux-2.6/debian/patches/bugfix/sysfs_readdir-NULL-deref-2.patch
      - copied unchanged from r9989, /releases/linux-2.6/2.6.18.dfsg.1-13etch6/debian/patches/bugfix/sysfs_readdir-NULL-deref-2.patch
   dists/etch/linux-2.6/debian/patches/bugfix/tmpfs-restore-clear_highpage.patch
      - copied unchanged from r9989, /releases/linux-2.6/2.6.18.dfsg.1-13etch6/debian/patches/bugfix/tmpfs-restore-clear_highpage.patch
   dists/etch/linux-2.6/debian/patches/bugfix/wait_task_stopped-hang.patch
      - copied unchanged from r9989, /releases/linux-2.6/2.6.18.dfsg.1-13etch6/debian/patches/bugfix/wait_task_stopped-hang.patch
   dists/etch/linux-2.6/debian/patches/series/13etch5
      - copied unchanged from r9989, /releases/linux-2.6/2.6.18.dfsg.1-13etch6/debian/patches/series/13etch5
   dists/etch/linux-2.6/debian/patches/series/13etch6
      - copied unchanged from r9989, /releases/linux-2.6/2.6.18.dfsg.1-13etch6/debian/patches/series/13etch6
Modified:
   dists/etch/linux-2.6/debian/changelog

Modified: dists/etch/linux-2.6/debian/changelog
==============================================================================
--- dists/etch/linux-2.6/debian/changelog	(original)
+++ dists/etch/linux-2.6/debian/changelog	Thu Dec 20 06:19:54 2007
@@ -52,6 +52,53 @@
 
  -- dann frazier <dannf at debian.org>  Mon, 17 Sep 2007 16:56:07 -0600
 
+linux-2.6 (2.6.18.dfsg.1-13etch6) stable-security; urgency=high
+
+  * bugfix/isdn-net-overflow.patch
+    [SECURITY] Fix potential overflows in the ISDN subsystem
+    See CVE-2007-6063
+  * bugfix/coredump-only-to-same-uid.patch
+    [SECURITY] Fix an issue where core dumping over a file that
+    already exists retains the ownership of the original file
+    See CVE-2007-6206
+  * bugfix/hrtimer-large-relative-timeouts-overflow.patch
+    [SECURITY] Avoid overflow in hrtimers due to large relative timeouts
+    See CVE-2007-5966
+  * bugfix/minixfs-printk-hang.patch
+    [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs
+    filesystem that would otherwise cause a system to hang (printk storm)
+    See CVE-2006-6058
+  * bugfix/tmpfs-restore-clear_highpage.patch
+    [SECURITY] Fix a theoretical kernel memory leak in the tmpfs filesystem
+    See CVE-2007-6417
+
+ -- dann frazier <dannf at debian.org>  Tue, 18 Dec 2007 08:01:00 -0700
+
+linux-2.6 (2.6.18.dfsg.1-13etch5) stable-security; urgency=high
+
+  * bugfix/sysfs_readdir-NULL-deref-1.patch,
+    bugfix/sysfs_readdir-NULL-deref-2.patch,
+    bugfix/sysfs-fix-condition-check.patch
+    [SECURITY] Fix potential NULL pointer dereference which can lead to
+    a local DoS (kernel oops)
+    See CVE-2007-3104
+  * bugfix/ieee80211-underflow.patch
+    [SECURITY] Fix integer overflow in ieee80211 which makes it possible
+    for a malicious frame to crash a system using a driver built on top of
+    the Linux 802.11 wireless code.
+    See CVE-2007-4997
+  * bugfix/wait_task_stopped-hang.patch
+    [SECURITY] wait_task_stopped was incorrectly testing for TASK_TRACED -
+    check p->exit_state instead avoiding a potential system hang
+    See CVE-2007-5500
+  * bugfix/cifs-better-failed-mount-errors.patch,
+    bugfix/cifs-corrupt-server-response-overflow.patch
+    [SECURITY][CIFS] Fix multiple overflows that can be remotely triggered
+    by a server sending a corrupt response.
+    See CVE-2007-5904
+
+ -- dann frazier <dannf at debian.org>  Thu, 29 Nov 2007 08:33:39 -0700
+
 linux-2.6 (2.6.18.dfsg.1-13etch4) stable-security; urgency=high
 
   [ Bastian Blank ]

More information about the Kernel-svn-changes mailing list